WorldPay, which is part of the Royal Bank of Scotland Group, was initially hit on Tuesday by the massive DoS attack, which flooded the company with bogus requests and brought its payment and administration systems to a grinding halt.
Customers, including Vodafone, Sony and hundreds of online retailers, who use WorldPay to process card transactions, were notified of the problems in an email yesterday. WorldPay said it was filtering and re-routing requests and giving customers the option of accessing a back-up service.
Simon Fletcher, head of UK communications at WorldPay, told silicon.com the company was aiming to restore something like normal service today but he admitted that the continued attack is still affecting availability.
"Though many of the measures we put in place yesterday are working effectively, the 'denial of service' attack is being sustained and availability of our systems is at times intermittent as a result of this," he said.
Fletcher stressed that the integrity of WorldPay's systems had not been compromised and that the attack was purely aimed at knocking the service offline by overloading it with bogus requests.
"We are continuing to execute our contingency plans and are committed to achieving full restoration of the service as soon as we are able. We are keeping our customers briefed through all means possible," he said.
Talkback
Here is a copy of an e-mail I sent to Worldpay as they say in this article they are keeping customers breifed by all means possible:
This outage is an absolute disaster for us - we sent a large mailing for a special event that we were running with specially printed leaflets all giving our online booking system address to visit from 12:00 Wednesday which, to much embarrassment.
But what really annoys me is that you say you are doing everything you can to help the situation. No you are not - what you are not doing is keeping customers informed of the situation. I have had just one e-mail sent on the morning of 5th November but nothing else since.
On ZDNet Simon Fletcher is quoted as saying "We are keeping our customers briefed through all means possible,". What? All means possible?
I have found out that if you go to support.worldpay.com you can find out the system status, but you don't mention this in the e-mail. Support.worldpay.com kept suffering problems in accessing it. The information about system status is out of date - the front page says things are almost back to normal, the system status says there are still big problems but it hasn't actually been updated since 12:00 Thursday. I am having to get any information from trawling news sites. On one such news site I see that you are offering customers a backup server to use. I have never been offered this even though I've specifically asked if you had one on three separate phone calls as my e-commerce system is written in house and can therefore be changed at will. You also don't mention this backup server on your site nor have you sent an e-mail to customers informing them of this.
Keeping people updated on the situation with a special website not on the affected network with messages updated and status every hour would have made this outage so much more bearable and satisfied me that your customers were important to you.
Just shortly before this "attack" WorldPay performed a major system "upgrade". A few days later the system falls over. Coincidence? Isn't it the easiest thing in the world to blame hackers when the real problems may be a WorldPay in-house cockup?
Is there any independent reason to believe this was an "attack".Surely it's not THAT hard to trace the source of the attack?